IS YOUR GDPR JOURNEY TURNING OUT TO BEAN ICY ROAD?

The General Data Protection Regulation (GDPR) has been in the making for over 4 years but now it is there. It promises data protection rules that will remove red tape but also tighten privacy protections.

GDPR Changes

1

2

3

4

5

6

7

8

9

10

11

0Days0Hours0Minutes0Seconds

25/5/2018 is the final date when companies will need to comply and be in line with the GDPR regulations.Instead of becoming scared and only focus on this deadline, please have a look at what type of solutions you can put in place.

Where do you start?

A lot of companies, both solution providers and vendors, tend to let you focus on the regulatory deadline and the potential penalties. The regulatory requirements are a reality but there is more about GDPR then scaring people in order to get them moving. What you need is a solution that gives you an end-to-end but non-intrusive answer to GDPR that is also in line with the flexibility that your organization needs.

We have a modular approach where we assist our GDPR clients on 3 levels:

Legal. Being 100% in line with the legal obligations is crucial. We have the partnerships with the experienced legal firms in place and such can provide the specific GDPR legal advice that you need to take into account to become and stay compliant.

Processes. Becoming compliant also requires that you thoroughly assess your processes and if needed make the necessary changes. Potentially new processes in case of a data breach, the setup of an emergency plan, the implementation of a Data Register.... are typically part of the services that we deliver.

Data.The GDPR is all about personal data. In that sense, the legal and processes related elements are very important but you are also required to actually do something with your data. We offer a number of solutions starting from data discovery up to data security and master data management.

SEE WHAT TYPEOF GDPR SOLUTIONSWE OFFER

Data Register &Governance

Data Discovery

DataSecurity

Consent & DataMastering

Data Register & Governance

As a Privacy Officer, you basically need to get control over data flows in your organization, transparency of the processing of personal data, and a way to report to management and the data processing authorities. We do have the solutions in place to answer these needs and as a result your organization thereby not only gains insight into what happens with personal data, but it also proves to your customers and data processing authorities that it takes privacy seriously.

5 THINGS TO KNOW AND DO TO GET READY FOR GDPR

Learn the vital steps your organization should be taking now to ensure compliance.

According to a 2016 Ponemon Report, only 12%of IT and security staff know the risk to their structured data.

Data Discovery

Organizations spend significant time & money manually classifying, surveying, reporting on sensitive data assets. These manual efforts are labor-intensive and prone to error. By automating these tasks, your resources can be moved to taking corrective actions and security risks and investments will be improved with results that are more precise and repeatable.

Data Security

Discovering where you sensitive is located, is a first and an important step but then obviously you need to guarantee that this data is properly protected. GDPR endorses the concept of pseudonymization for data privacy and when supported by the proper technologies, which protect data itself at rest and in use, considers it safe for transfer across borders and in the event of a data breach. We offer a number of solutions in this context – from data masking up to tokenization solutions. We also offer solutions that monitor what happens with your data and allows you act when necessary.

The usual arguments in making a business case to implement some particular technical security control as the means to safeguard an organization’s sensitive data sounds familiar and reasonable. But in reality, these decisions should actually be driven by three interconnected parts: context (“ready”), risk (“aim”) and controls (“fires”). The order is very important to ensure IT planning, prioritization and tactics yield results that make a difference keeping critical data assets safe.

Breach risk and therefore data risk continue to climb. If you understand what sensitive data you have, where it is, its risks and financial impact, you have the intelligence to better manage your data security and management efforts. Focus on where your organization should invest in controls, policies and processes, to counter an undeniable challenge for all organizations: unbridled data growth and unbridled data attacks. This survey analyzes peer feedback from data and security professional across the globe and yields valuable insight on the role of sensitive data intelligence in IT planning, strategy and tactics.

Consent & Data Mastering

One of the fundamental elements of the GDPR is the Data Subject consent linked to a specific purpose. Nowadays consent is typically managed in a marketing automation or other similar platform. Typically this is an island application and the consent of a particular client is lost when his or her data is being used by marketing, sales or other departments. At that moment you obviously risk of violating the consent requirements as stipulated by the GDPR. You require a solution that lets you manage and govern your customer's consent across your complete organization.

The GDPR data portability, the right to be forgotten, ... require that you also have a single of view on your customers. Creating a single, authoritative view of personal data from disparate, duplicate and conflicting information lets you get control of these data assets across your landscape. Only with a single view and the proper data lineage you can put your customer GDPR requests into effect.